rpm package
opensuse/wicked&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/wicked&distro=openSUSE%20Tumbleweed
Vulnerabilities (5)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-44932 | Hig | 8.8 | < 0.6.79-1.1 | 0.6.79-1.1 | Jun 16, 2026 | Passing of unsanitized strings from DHCP replies into the wicked dhcp client before wicked 0.6.79 could be used by attackers operating a malicious DHCP server to execute code on the local machine. | |
| CVE-2019-18903 | — | < 0.6.66-1.2 | 0.6.66-1.2 | Mar 2, 2020 | A Use After Free vulnerability in wicked of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Leap 15.1, Factory allows remote attackers to cause DoS or potentially code execution. This issue affects: SUSE Linux Enterprise Server 12 wicked versions prior | ||
| CVE-2019-18902 | — | < 0.6.66-1.2 | 0.6.66-1.2 | Mar 2, 2020 | A Use After Free vulnerability in wicked of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Leap 15.1, Factory allows remote attackers to cause DoS or potentially code execution. This issue affects: SUSE Linux Enterprise Server 12 wicked versions prior | ||
| CVE-2020-7217 | — | < 0.6.66-1.2 | 0.6.66-1.2 | Feb 10, 2020 | An ni_dhcp4_fsm_process_dhcp4_packet memory leak in openSUSE wicked 0.6.55 and earlier allows network attackers to cause a denial of service by sending DHCP4 packets with a different client-id. | ||
| CVE-2020-7216 | — | < 0.6.66-1.2 | 0.6.66-1.2 | Feb 5, 2020 | An ni_dhcp4_parse_response memory leak in openSUSE wicked 0.6.55 and earlier allows network attackers to cause a denial of service by sending DHCP4 packets without a message type option. |
- affected < 0.6.79-1.1fixed 0.6.79-1.1
Passing of unsanitized strings from DHCP replies into the wicked dhcp client before wicked 0.6.79 could be used by attackers operating a malicious DHCP server to execute code on the local machine.
- CVE-2019-18903Mar 2, 2020affected < 0.6.66-1.2fixed 0.6.66-1.2
A Use After Free vulnerability in wicked of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Leap 15.1, Factory allows remote attackers to cause DoS or potentially code execution. This issue affects: SUSE Linux Enterprise Server 12 wicked versions prior
- CVE-2019-18902Mar 2, 2020affected < 0.6.66-1.2fixed 0.6.66-1.2
A Use After Free vulnerability in wicked of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Leap 15.1, Factory allows remote attackers to cause DoS or potentially code execution. This issue affects: SUSE Linux Enterprise Server 12 wicked versions prior
- CVE-2020-7217Feb 10, 2020affected < 0.6.66-1.2fixed 0.6.66-1.2
An ni_dhcp4_fsm_process_dhcp4_packet memory leak in openSUSE wicked 0.6.55 and earlier allows network attackers to cause a denial of service by sending DHCP4 packets with a different client-id.
- CVE-2020-7216Feb 5, 2020affected < 0.6.66-1.2fixed 0.6.66-1.2
An ni_dhcp4_parse_response memory leak in openSUSE wicked 0.6.55 and earlier allows network attackers to cause a denial of service by sending DHCP4 packets without a message type option.